A simple spam filter for sNews CMS
filed under: sNews CMS / Hacks & Mods
April, what a month this has been thus far, I'm finally done with jury duty after 2 weeks! I've been so busy with that and trying to stay on top of my other work, that I haven't had hardly a minute to enjoy myself or work on any of my sNews projects, until today that is.
Recently I mentioned I was working on a function to filter out all that garbage link spam, well, I have had a basic version running on my sNews site here for a while, so I've cleaned it up and am releasing it here for public use.
What does this function do? Well, two things right now... when you pass a comment to it, it will;
- Check for linkspam, if someone has tried to insert more than 2 links, it will flag it as possible spam.
- Check for clusters of consonants, i.e. "garbage words". This is sort of English-language centric, but all the sNews spam I've seen is English, so I think it should work well for others as it's working wonderful for me thus far.
This function doesn't modify the comments in any way, rather it identifies if it is possibly spam and allows you to send that comment to moderation while allowing others to post directly. By no means a foolproof method, but in conjunction with my image / match hybrid captcha mod, it can severely limit the impact of bot spam on your sNews install.
This means spam like this one will be sent straight to moderation;
motORE izkpclcuguab, [url=http://krjyaebubfcw.com/]krjyaebubfcw[/url], [link=http://babukwwpyzwx.com/]babukwwpyzwx[/link], http://tpgdyvvxhdqf.com/
If you get spam like that and want to stop having it posted right away, try this out.
1. To get started, as usual, BACK-UP your snews.php file and work off a copy, now insert the new function mayBeSpam at the end of your snews.php file above the closing php tag;
function mayBeSpam($comment) {
if (_ADMIN) { // user is the admin, not spam
return false;
}
if (preg_match_all('/((http)+(s)?:(\/\/)|(www\.))/i',$comment,$matches) > '2') { // more than 2 links inserted, likely spam
return true;
}
if (preg_match_all('/[bcdfghjklmnpqrstvwxz]{5,}/i',$comment,$matches) > '0') { // big consonant clusters indicate likely garbage words
return true;
}
}
2. Now find the function comment and within it, find the following line and add the highlighted code below it;
$approved = s('approve_comments') != 'on'|| _ADMIN ? 'True' : '';
if (mayBeSpam($comment) == 'true') {
$approved = '';
$send_to_moderation = '1';
}
3. Still within the function comment, find the following line;
$commentStatus = s('approve_comments') == 'on' && !_ADMIN ? l('comment_sent_approve') : l('comment_sent');
and change it to;
$commentStatus = (s('approve_comments') == 'on' || $send_to_moderation === '1') && !_ADMIN ? l('comment_sent_approve') : l('comment_sent');
4. Now find the bit containing the comment email notification and modify the second line to reflect the highlighted changes below;
if (s('mail_on_comments') == 'on' && !_ADMIN) {
if (s('approve_comments') == 'on' || $send_to_moderation == '1') {
That's it, now upload your modified snews.php file and if you allow comments without moderation, it will automatically send comments with 2 or more links or the "garbage words" to the moderation queue.
As of right now, the spam check function is very basic, but the reason I wrapped it in a separate function is so anyone can extend it by adding their own checks in there, i.e. if you get a lot of spam comments containing the words "viagra" or "credit report", you can add a check to send comments containing a threshold of those keywords to moderation instead of directly posting them.
7 comments
Add a new comment »Categories
Recent Entries
Recent Comments
- Dede (I checked it today in a shop. GT2 had some troubles with six ...)
- Matt (Bintang, You need to re-direct the url, try ...)
- jesth (Ohh.. why didn't I think of that, thanks alot.)
- Matt (Dede, I don't have Gran Turismo 2, any of the 2nd+ generation ...)
- Matt (Jesth, Just change the if condition, instead of looking for ...)
- jesth (Hi (again) Was wondering, is it possible to make it ...)
- Bintang Sembilan (Matt, thanks for your modd. I have apply it to my ...)
- Dede (Hello there. Can you check something for me? I want to buy ...)
- Matt (I think it's a driver issue Terrence, or it was a driver issue. ...)
Popular Entries
- Light-weight related articles mod for sNews 1.7 (4.5/5)
- Image / math hybrid captcha version 2, vastly improved (4.42/5)
- 1024x600 netbook wallpapers of Evangeline Lilly (4.4/5)
- Compact archives for sNews 1.7 (4.4/5)
- sNews Ajax Polls mod now available (4.38/5)
- Pretty date and comments bars in sNews CMS (4.35/5)
- Page caching mod for sNews 1.7 (4.33/5)
- Gravatar mod for sNews 1.7 (4.29/5)
- An improved tag cloud for sNews 1.7 (4.29/5)
Apr 20th, 2009 at 8:15 pm
I have jury duty last year first time in my life .. duty is duty ..two weeks you stayed? Man that is long time...? What happend?
Apr 20th, 2009 at 9:00 pm
Well, here in Massachusetts it's either 1 trial or 1 day, I just got unlucky and got picked to sit on a jury on a trial that ended up taking 2 weeks.
This is the 3rd or 4th time I've been called, but the first time I've been picked.
Apr 22nd, 2009 at 3:08 am
Thanks a lot Matt. It's working great.
Apr 22nd, 2009 at 12:44 pm
Sory Matt your comment and my got delited buy Joost from forum....Now i m going to be back on snews forum more then ever..I just waiting to buy me new pc and we going to Rock forum and snews :)...One more time sory Joost delieted all post and i just want to say final hello to my friends..That is not right...Life goes on ..All see you in forum he cant ban me from forum ....I like your site and i like your MODs...I wisit your site couple times in week...Keep up great work Matt....
Apr 22nd, 2009 at 4:12 pm
Thanks Matt.
Added and working great.
Poppoll
Apr 22nd, 2009 at 10:21 pm
Hi Matt!!! Hey can you make MOD for email form to be independent from core file..Let says i want to use email form on my front page and i use code and email is show up on front page...I want to see email form totally controlled by user not by snews....I hope this help and i think this is big flaws for snews....thx
Apr 23rd, 2009 at 8:03 am
Hi Sasha,
You shouldn't really need a mod for that, you could probably just copy the form code from the contact page and edit it the way you like, then place it anywhere you like, because when sNews detects the $_POST['contactform'] variable it runs through the function at that point.